Amendments to the Claims:

The listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

What is claimed is: 

1. (Currently Amended) A method for cross domain security information
conversion, the method comprising: 

receiving from a system entity, in a security service, security information in a 
native format of a first security domain regarding a system entity having an 
identity in at least one security domain; 

translating the security information to a canonical format for security information,
wherein the canonical format is a data format for security information that is
standardized for use in data transformations of security information;

transforming the security information in the canonical format using a predefined 
mapping from the first security domain to a second security domain; 

translating the transformed security information in the canonical format to a
native format of the second security domain; and 

returning to the system entity the security information in the native format of the 
second security domain.

2. (Original) The method of claim 1 wherein transforming the security information 
includes structure transformation and value transformation, including mapping a 
system entity's identity in the first security domain to a another identity in the
second security domain. 

3. (Original) The method of claim 1 wherein receiving security information further
comprises receiving a request for security information for the second security 
domain, wherein the request encapsulates the security information in a native 
format of a first security domain. 

4. (Original) The method of claim 3 wherein the system entity comprises a system 
entity requesting access to a resource in the second security domain. 

5. (Original) The method of claim 3 wherein the system entity comprises a system 
entity providing access to a resource in the second security domain. 

6. (Original) The method of claim 1 wherein translating the security information in 
a native format of a first security domain to a canonical format is carried out 
through a procedural software function. 

7. (Original) The method of claim 1 wherein the native format of the first security 
domain is expressed in XML, the canonical format is expressed in XML, and 
translating the security information in a native format of a first security domain to 
a canonical format is carried out in dependence upon a mapping, expressed in 
XSL, from the native format of the first security domain to a canonical format.

8. (Original) The method of claim 1 wherein the canonical format is expressed in 
XML and the predefined mapping from the first security domain to a second 
security domain is expressed in XSL.

9. (Original) The method of claim 1 wherein the second native format is expressed 
in XML, the canonical format is expressed in XML, and translating the 
transformed security information in the canonical format to a native format of the
second security domain is carried out in dependence upon a predefined mapping,
expressed in XSL, from the canonical format to the native format of the second 
security domain. 

10. (Original) A system for cross domain security information conversion, the system
comprising: 

means for receiving from a system entity, in a security service, security 
information in a native format of a first security domain regarding a system entity 
having an identity in at least one security domain; 

means for translating the security information to a canonical format for security 
information; 

means for transforming the security information in the canonical format using a 
predefined mapping from the first security domain to a second security domain; 

means for translating the transformed security information in the canonical format 
to a native format of the second security domain; and 

means for returning to the system entity the security information in the native 
format of the second security domain.

11. (Original) The system of claim 10 wherein means for transforming the security
information includes means for structure transformation and value transformation, 
including means for mapping a system entity's identity in the first security domain 
to a another identity in the second security domain.

12. (Original) The system of claim 10 wherein means for receiving security
information further comprises means for receiving a request for security
information for the second security domain, wherein the request encapsulates the
security information in a native format of a first security domain.

13. (Original) The system of claim 12 wherein the system entity comprises a system 
entity requesting access to a resource in the second security domain.

14. (Original) The system of claim 12 wherein the system entity comprises a system 
entity providing access to a resource in the second security domain. 

15. (Original) The system of claim 10 wherein means for translating the security
information in a native format of a first security domain to a canonical format
comprises a procedural software function. 

16. (Original) The system of claim 10 wherein means for translating the security 
information in a native format of a first security domain to a canonical format 
comprises a mapping, expressed in XSL, from the native format of the first 
security domain to a canonical format.

17. (Original) The system of claim 10 wherein the canonical format is expressed in 
XML and the predefined mapping from the first security domain to a second 
security domain is expressed in XSL.

18. (Original) The system of claim 10 wherein the second native format is expressed 
in XML, the canonical format is expressed in XML, and means for translating the 
transformed security information in the canonical format to a native format of the 
second security domain comprises a predefined mapping, expressed in XSL, from 
the canonical format to the native format of the second security domain. 

19. (Currently Amended) A computer program product for cross domain security
information conversion, the computer program product embodied on a recordable 
computer-readable medium, the computer program product comprising computer 



AUS920040010US1 



program instructions, which when installed and executed on a data processing
system, are capable of causing the data processing system to carry out the steps of:

a recording medium; 

means, recorded on the recording medium, for receiving from a computer
program product system entity, in a security service, security information in a
native format of a first security domain regarding a computer program product
system entity having an identity in at least one security domain;

means, recorded on the recording medium, for translating the security information 
to a canonical format for security information; 

means, recorded on the recording medium, for transforming the security
information in the canonical format using a predefined mapping from the first 
security domain to a second security domain; 

means, recorded on the recording medium, for translating the transformed security
information in the canonical format to a native format of the second security 
domain; and 

means, recorded on the recording medium, for returning to the computer program
product system entity the security information in the native format of the second
security domain.

20. (Currently Amended) The computer program product of claim 19 wherein means,
recorded on the recording medium, for transforming the security information 
includes means, recorded on the recording medium, for structure transformation 
and value transformation, including means, recorded on the recording medium,
for mapping a system entity's identity in the first security domain to [[a]] another 
identity in the second security domain. 

21. (Currently Amended) The computer program product of claim 19 wherein means,
recorded on the recording medium, for receiving security information further
comprises means, recorded on the recording medium, for receiving a request for
security information for the second security domain, wherein the request 
encapsulates the security information in a native format of a first security domain. 

22. (Currently Amended) The computer program product of claim 21 wherein the 
computer program product system entity comprises a computer program product
system entity requesting access to a resource in the second security domain.

23. (Currently Amended) The computer program product of claim 21 wherein the 
computer program product entity comprises a computer program product system 
entity providing access to a resource in the second security domain. 

24. (Currently Amended) The computer program product of claim 19 wherein means,
recorded on the recording medium, for translating the security information in a
native format of a first security domain to a canonical format comprises a 
procedural software function. 

25. (Currently Amended) The computer program product of claim 19 wherein means,
recorded on the recording medium, for translating the security information in a
native format of a first security domain to a canonical format comprises a 
mapping, expressed in XSL, from the native format of the first security domain to 
a canonical format. 

26. (Original) The computer program product of claim 19 wherein the canonical
format is expressed in XML and the predefined mapping from the first security 
domain to a second security domain is expressed in XSL. 

27. (Currently Amended) The computer program product of claim 19 wherein means,
recorded on the recording medium, for translating the transformed security 
information in the canonical format to a native format of the second security 
domain comprises a procedural software function.

28. (Currently Amended) The computer program product of claim 19 wherein the
second native format is expressed in XML, the canonical format is expressed in 
XML, and means, recorded on the recording medium, for translating the
transformed security information in the canonical format to a native format of the 
second security domain comprises a predefined mapping, expressed in XSL, from 
the canonical format to the native format of the second security domain. 